Ain't crypto laws a bitch? I see your point. I withdraw my suggestion.
Cheers
-----------------------------------------------------------------------------------------------
Aaron Knauf
Implementation Consultant
Genie Systems Ltd
Auckland, New Zealand
Ph. +64-9-573 3310 x812, email: [EMAIL PROTECTED]
http://www.geniesystems.com
------------------------------------------------------------------------------------------------
| "Craig R. McClanahan" <[EMAIL PROTECTED]>
13/12/2000 15:21
|
To: [EMAIL PROTECTED] cc: Subject: Re: JSSE redistribution |
Aaron Knauf wrote:
>
> Is there any reason why we can't compile tomcat against JSSE and include the
> jars in the tomcat lib directory as part of the standard binary distribution?
> This would make it much easier for people to get HTTPS support from tomcat. I
> believe that the Sun licence allows for redistribution, and US law allows us
> foreigners to get at the crypto stuff, now.
>
Although the rules have been relaxed considerably, the US export regulations
still require preventing anyone from certain countries from downloading this
stuff. If JSSE was distributed in Tomcat, that would mean that we (Apache)
would be held responsible for enforcing that restriction -- and this would most
likely require some sort of click-through mechanism on *everyone* who downloads
(plus a bunch of lawyer time to make sure all the rules were being followed).
There is also still paperwork involved in registering as a distributor of
encryption materials -- even though it's legal.
>
> I seem to remember seeing a post about this a while ago, but I never saw a
> resolution.
>
> If there are no objections, I move that we include JSSE as part of standard
> tomcat.
>
Given that the restriction above exists, I'm afraid I can't see us doing this at
the current time.
>
> Cheers
>
Craig McClanahan
